Cloud Computing

“A large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet.”

I. Foster, Y. Zhao, R. Ioan, and S. Lu. “Cloud Computing and Grid Computing: 360-Degree Compared.” Grid Computing Environments Workshop, 2008.


“A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

National Institute of Standards and Technology (NIST), 2011.
Cloud Computing Types

Based on Type of Capability

• Software-as-a-Service (SaaS)

• Platform-as-a-Service (PaaS)

• Infrastructure-as-a-Service (IaaS)

Based on Who Can Access Resources

• Public Cloud

• Private Cloud
Infrastructure-as-a-Service (IaaS)


Mainly  computational  infrastructure  available  over  the  internet, 
such  as  compute  cycles  and  storage 

Allows  organizations  and  developers  to  extend  their  IT 
infrastructure  on  an  on-demand  basis 

Examples of IaaS Providers

•  Amazon  Elastic  Compute  Cloud  (EC2) 

-  Provides  users  a  special  virtual  machine  (AMI)  that  can  be 
deployed  and  run  on  the  EC2  infrastructure 

•  Amazon  Simple  Storage  Solution  (S3) 

-  Provides  users  access  to  dynamically  scalable  storage  resources 

•  IBM  Computing  on  Demand  (CoD) 

-  Provides  users  access  to  highly  configurable  servers  plus  value- 
added  services  such  as  data  storage 

•  Microsoft  Live  Mesh 

-  Provides  users  access  to  a  distributed  file  system;  targeted  at 
individual  use 


Platform-as-a-Service (PaaS)

Application development platforms that allow the usage of external resources to create and host applications of a larger scale than an individual or small organization would be able to handle

Examples  of  PaaS  providers 


•  Akamai  EdgePlatform 

-  Large  distributed  computing  platform  for  web  application  deployment  (focus  on 
analysis  and  monitoring  of  resources) 

•  Force.com 

-  Platform  to  build  and  run  applications  and  components  bought  from 
AppExchange  or  custom  applications 

•  Google  App  Engine 

-  Platform  to  develop  and  run  applications  on  Google’s  infrastructure 

•  Microsoft  Azure  Services  Platform 

-  On-demand  compute  and  storage  services  as  well  as  a  development  platform 
based  on  Windows  Azure 

•  Yahoo!  Open  Strategy  (Y!OS) 

-  Platform to develop web applications on top of the existing Yahoo! platform (focus on social applications)
Software-as-a-Service (SaaS)


Model  of  software  deployment  in  which  a  third-party 
provider  licenses  an  application  to  customers  for  use 
as  a  service  on  demand 

Examples 

•  Google  Apps 

-  Web-based  office  tools  such  as  e-mail,  calendar  and 
document  management  tools 

•  Salesforce.com 

-  Full  customer  relationship  management  (CRM) 
application 

•  Zoho 

-  Large  suite  of  web-based  applications,  mostly  for 
enterprise  use 


Cloud Computing Types — Based on Access


Public 

•  Offered  as  a  service,  usually  over  an  Internet  connection 

•  Typically  charge  a  pay-per-use  fee 

•  Users  can  scale  on-demand  and  do  not  need  to 
purchase  hardware 

•  Cloud  providers  manage  the  infrastructure  and  pool 
resources  into  capacity  required  by  consumers 

Private 

•  Deployed  inside  the  firewall  and  managed  by  the  user 
organization 

•  User  organization  owns  the  software  and  hardware 
running  in  the  cloud 

•  User  organization  manages  the  cloud  and  provides  cloud 
resources 

•  Resources  typically  not  shared  outside  the  organization 
and  full  control  is  retained  by  the  organization 


Drivers for Cloud Computing Adoption


Scalability 

Organizations  have  access  to  a  large  amount  of  resources  that  scale 
based  on  user  demand 

Elasticity 

Organizations can request, use, and release as many resources as needed based on changing needs

Virtualization 

Each  user  has  a  single  view  of  the  available  resources,  independently  of 
how  they  are  arranged  in  terms  of  physical  devices 

Lower Infrastructure Costs

The  pay-per-use  model  allows  an  organization  to  only  pay  for  the 
resources  they  need  with  basically  no  investment  in  the  physical 
resources  available  in  the  cloud.  There  are  no  infrastructure  maintenance 
or  upgrade  costs 

Availability 

Organizations can give users access to data and applications from around the globe

Collaboration 

Organizations  are  starting  to  see  the  cloud  as  a  way  to  work 
simultaneously  on  common  data  and  information 

Risk  Reduction 

Organizations  can  use  the  cloud  to  test  ideas  and  concepts  before 
making  major  investments  in  technology 

Reliability 

In  order  to  support  SLAs  (service-level  agreements),  cloud  providers 
have  reliability  mechanisms  that  are  much  more  robust  than  those  that 
could  be  cost-effectively  provided  by  a  single  organization 
Barriers for Cloud Computing Adoption


Security 

The  key  concern  is  data  privacy:  organizations  do  not  have  control  of 
or  know  where  their  data  is  being  stored 

Interoperability 

A  universal  set  of  standards  and/or  interfaces  has  not  yet  been 
defined,  resulting  in  a  significant  risk  of  vendor  lock-in 

Resource Control

The  amount  of  control  that  the  organization  has  over  the  cloud 
environment  varies  greatly 

Latency 

All  access  to  the  cloud  is  done  via  the  internet,  introducing  latency 
into  every  communication  between  the  user  and  the  environment 

Platform or Language Constraints

Some  cloud  environments  provide  support  for  specific  platforms  and 
languages  only 

Legal  Issues 

There  are  concerns  in  the  cloud  computing  community  over 
jurisdiction,  data  protection,  fair  information  practices,  and 
international  data  transfer 
IaaS: Examples of Architecture and Design Questions

• What computation is performed in the cloud? A full application? Only certain functionality?

• How are resource failures detected and communicated? How are SLA commitments maintained and monitored?

• What communication mechanisms exist between the consumer and the cloud resource?

• What data is stored in the cloud? Is it synchronized with other sets of data? Are there data privacy concerns?

• What security mechanisms are provided by the cloud resource?

[Diagram: Cloud Consumer System/Application, «HTTP», Internet, «HTTP», Cloud IaaS Resource. Key: System Component, Cloud Resource, Internet, HTTP]

Systems residing in the cloud or using resources from the cloud will have to be designed and architected to account for lack of full control over important quality attributes
PaaS: Examples of Architecture and Design Questions

• Will cloud resources always be active? Is a cloud bursting strategy appropriate?

• Where do external users authenticate?

• What data is stored in the cloud? Is it possible for the system to run in the cloud and the data to remain local?

• Are all system elements compatible with the cloud platform? Are adapters necessary?

[Diagram: External Client, «HTTP», Internet. Key: System Component, Cloud Resource, External Client, Internet, HTTP]
Software Engineering Institute, Carnegie Mellon


SEI  Technologies  Forum 
Twitter  #SEIVirtualForum 
©  2011  Carnegie  Mellon  University 


SaaS: Examples of Architecture and Design Questions

• How does the cloud system fit with the existing infrastructure?

• What type of client is used to interact with the SaaS resource?

• Is the SaaS security architecture compatible with the organization’s security architecture?

• What data adapters and transformers are necessary to interoperate with other systems?

• What additional mechanisms need to be put in place to monitor system performance and usage?

[Diagram: Client, System A, System B, «HTTP», Cloud SaaS Resource. Key: System Component, Cloud Resource, Internet, Control Flow, HTTP]
Cloud Consumer

Example Decision #1: Data Model

Typical  decisions  of  a  distributed  environment 

•  Local  vs.  Remote 

•  Total  vs.  Partitioned 

•  Distributed  vs.  Centralized 

•  Active  Replication  vs.  Passive  Replication 

•  Data  Security  Model 

Challenges 

•  Data  privacy 

•  Data  synchronization 

•  Performance 


Cloud Consumer

Example Decision #2: User Authentication Model


Authentication  is  the  mechanism  by  which  consumers  and  providers 
prove  to  one  another  that  they  are  acting  on  behalf  of  specific  users 
or  systems 

Typical  decisions  of  a  distributed,  multi-organizational  environment 


•  Local  vs.  Remote  Authentication 

•  Single  Sign-On  or  Separate  Authentication 

•  Local  or  Remote  Identity  Data 

•  Authentication  Method 

Challenges 

•  Incompatible  authentication  methods 

•  Physical  security  of  identity  data 

•  Synchronization  of  identity  data 

•  Auditing 


Cloud Consumer

Example Decision #3: Allocation of Functionality


Decisions  depend  on  the  type  of  cloud  implementation 

•  What  functionality  to  deploy  in  the  cloud? 

•  What  functionality  has  to  be  implemented  in  addition  to 
the  functionality  offered  by  the  cloud  provider? 

-  Security 

-  Management 

-  Abstraction  layers,  e.g.  data  access,  transformations, 
adapters 


Cloud Consumer

Example Decision #4: Cloud Bursting

Refers  to  a  system  that  is  designed  for  average  load,  but  is  capable  of 
load  balancing  to  a  cloud  when  it  reaches  its  full  capacity 

Decisions 

•  Activation,  initialization  and  de-activation  of  the  cloud  resource 

•  State  and  data  synchronization 

•  Computational  elements  to  determine  full  capacity 

•  Computational  elements  for  monitoring  load  and  usage 
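
The decisions listed above, sketched as an added example (not part of the original slides): a controller with a load monitor, a full-capacity test, and activation and de-activation decisions. The class name, the 90%/60% thresholds, the three-sample window and the load trace are assumptions chosen for illustration.

```python
from collections import deque


class BurstController:
    """Cloud-bursting decision logic for a system sized for average load.

    capacity: load the local system can serve (e.g. requests per second).
    activate_pct / deactivate_pct: utilization thresholds in percent; the gap
    between them is hysteresis, so the cloud resource is not started and
    stopped on every small swing in load.
    """

    def __init__(self, capacity, activate_pct=90, deactivate_pct=60, window=3):
        if not 0 < deactivate_pct < activate_pct <= 100:
            raise ValueError("need 0 < deactivate_pct < activate_pct <= 100")
        self.capacity = capacity
        self.activate_pct = activate_pct
        self.deactivate_pct = deactivate_pct
        self.samples = deque(maxlen=window)  # element that monitors load
        self.cloud_active = False
        self.events = []  # activation / de-activation decisions, in order

    def utilization_pct(self):
        """Element that determines how close the system is to full capacity."""
        return 100 * sum(self.samples) / (len(self.samples) * self.capacity)

    def observe(self, load):
        """Record one load sample; return (local_share, cloud_share)."""
        self.samples.append(load)
        window_full = len(self.samples) == self.samples.maxlen
        used = self.utilization_pct()
        if not self.cloud_active and window_full and used >= self.activate_pct:
            self.cloud_active = True   # provision, initialize, push state here
            self.events.append("activate")
        elif self.cloud_active and used <= self.deactivate_pct:
            self.cloud_active = False  # pull state back, then release here
            self.events.append("deactivate")
        if not self.cloud_active:
            return load, 0
        # While bursting, the local system keeps load up to its threshold.
        local = min(load, self.capacity * self.activate_pct // 100)
        return local, load - local


def simulate(loads, capacity=100):
    """Feed a constructed load trace through the controller."""
    ctl = BurstController(capacity)
    splits = [ctl.observe(x) for x in loads]
    return splits, ctl.events, ctl.cloud_active


if __name__ == "__main__":
    print(simulate([50, 60, 95, 120, 130, 110, 70, 40, 30]))
```

A single sample of 95 does not trigger a burst because the windowed average is still below the activation threshold; the cloud resource is released only once the average falls to the lower threshold.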




Cloud  Consumer 

Example Decision #5: Cloud Resource Management

Decisions 

•  Elements  for  failure  detection  and  communication 

•  Elements  for  SLA  monitoring 

•  Logging:  where,  what  and  when 


Cloud Provider

Example Decision #1: Multi-Tenancy

Mainly  in  SaaS  implementations,  a  tenant  is  an  organization  that  makes 
use  of  cloud  resources 

Multi-tenancy  requires 

•  Awareness  of  tenant  context:  the  capability  of  recognizing  the  identity  of  the 
tenant  requesting  the  resources  based  on  message  information  as  well  as 
configuration  data 

•  Data  isolation:  tenants  should  only  have  access  to  their  own  data 

•  Performance  isolation:  resource  performance  should  conform  to  service- 
level  agreements,  regardless  of  the  load  on  the  system 
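
Tenant context and data isolation in a single shared instance, as an added example (not part of the original slides). The tenant hosts, ids, API keys and message fields are constructed for illustration; deriving the tenant from a host name plus an API key is one assumed choice of "message information".

```python
import hmac
from dataclasses import dataclass

# Constructed tenant configuration data (hypothetical hosts, ids and keys).
TENANT_CONFIG = {
    "acme.example": {"tenant_id": "t-acme", "api_key": "k-acme-123"},
    "globex.example": {"tenant_id": "t-globex", "api_key": "k-globex-456"},
}

class TenantError(Exception):
    """Tenant context could not be established, or a lookup left its scope."""

@dataclass(frozen=True)
class TenantContext:
    tenant_id: str

def resolve_tenant(message):
    """Tenant context = message information (host, key) + configuration data."""
    cfg = TENANT_CONFIG.get(str(message.get("host", "")).lower())
    expected = cfg["api_key"] if cfg else ""
    supplied = str(message.get("api_key", ""))
    # Constant-time comparison; unknown host and wrong key fail identically.
    key_ok = hmac.compare_digest(supplied.encode(), expected.encode())
    if cfg is None or not key_ok:
        raise TenantError("unknown tenant or bad credentials")
    return TenantContext(cfg["tenant_id"])

class TenantScopedStore:
    """One shared store (single instance); every key carries the tenant id."""

    def __init__(self):
        self._rows = {}  # (tenant_id, record_id) -> value

    def put(self, ctx, record_id, value):
        self._rows[(ctx.tenant_id, record_id)] = value

    def get(self, ctx, record_id):
        try:
            return self._rows[(ctx.tenant_id, record_id)]
        except KeyError:
            # Same error whether the record is absent or belongs to another tenant.
            raise TenantError("no such record for this tenant") from None

    def list_ids(self, ctx):
        return sorted(r for (t, r) in self._rows if t == ctx.tenant_id)

def handle(store, message):
    """Serve one request. The tenant id always comes from the verified context;
    a client-supplied "tenant_id" field in the message is never read."""
    ctx = resolve_tenant(message)
    op = message.get("op")
    if op == "put":
        store.put(ctx, message["record_id"], message["value"])
        return "stored"
    if op == "get":
        return store.get(ctx, message["record_id"])
    if op == "list":
        return store.list_ids(ctx)
    raise ValueError("unsupported operation")
```

Because every storage key is built from the verified context, a request from one tenant that names another tenant's id in its body still reads and writes only its own rows.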


Cloud Provider

Example Decision #1: Multi-Tenancy 2

Option 1

One option is to have one instance per tenant

Option 2

Another option is to have a single instance that uses tenant configuration data to provide tenant context

Option 3

Another option is to have multiple identical instances that are managed by a load balancer

Hybrid options are also possible

[Diagrams for the three options: Tenant 1 ... Tenant N, «HTTP», Cloud Resource, Load Balancer, Configuration Data, Cloud Provider. Key: Tenant, Cloud Resource, Cloud Provider, HTTP, Data Flow, Control Flow, Data Source]
Cloud Provider

Example Decision #2: Virtualization Strategy


Virtualization  in  general  is  the  abstraction  of  computing  resources,  e.g. 


Network  virtualization:  division  of  available  bandwidth  into  channels  that  can 
be  assigned  to  a  particular  resource  in  real  time 

Storage virtualization: combination of physical storage devices into what appears to be a single storage device, e.g. SAN (storage area network)

Server  virtualization:  hiding  of  server  resources  (number  and  identity  of 
individual  physical  servers,  processors,  and  operating  systems)  from  server 
users,  e.g.  VMs  (virtual  machines) 


[Figure: Server Virtualization Example. Image source: news.cnet.com/i/bto/20090528/Virtualization_stack_270x258.jpg]
Cloud Provider

Example Decision #2: Server Virtualization Example

Full Virtualization

[Diagram: Virtual Machines (App on OS), Hypervisor, Hardware. Key: System Component, Control Flow]

•  Requires dedicated machine

Host-Based Virtualization

[Diagram: Virtual Machines (App on OS), Hypervisor, Other Apps, Host OS, Hardware]

•  OS can execute other applications, e.g. custom monitoring applications

•  However, there is a performance penalty

Main question is “How and when are virtual machines deployed, started, initialized, de-activated, replaced, managed and terminated?”
Cloud Provider

Example  Decision  #3:  Resource  Interfaces 

Cloud  APIs  are  not  yet  standardized,  so  each  cloud  provider  has  its  own 
specific  APIs  for  managing  its  services 

Currently,  most  Cloud  APIs  are  SOAP-  or  REST-based 


SaaS APIs

-  Specific Capabilities/Applications

PaaS APIs

-  Generic Capabilities (e.g. libraries, platform components)

IaaS APIs

-  Provisioning

-  Configuration

-  Management
Cloud Provider

Example Decision #3: Resource Interfaces 2

Supported Protocols

Operations

•  Functionality

•  Configuration

•  Management

QoS Support

•  Security

•  Usability

•  Configurability


Sample Amazon EC2 Operations (IaaS)

•  Create  Image 

•  Stop  Instances 

•  Create  Security  Group 

•  Monitor  Instances 


Sample  Google  App  Engine  Operations  (PaaS) 

•  Upload  Application  Code 

•  Authenticate  User 

•  Send  E-mail 


Sample  Zoho.com  Operations  (SaaS) 

•  Set  Up  Application 

•  View  Application  Usage  Data 

•  Embed  in  “X” 
Cloud Computing is at the “Peak of Inflated Expectations”

[Figure: Gartner hype cycle, as of July 2009. Axes: expectations vs. time. Phases: Technology Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment, Plateau of Productivity. Legend: years to mainstream adoption (less than 2 years, 2 to 5 years, 5 to 10 years, more than 10 years, obsolete before plateau)]

Source: Gartner, Hype Cycle for Emerging Technologies, 2009
The Concept of Private Clouds is Starting to Appear
Final Thoughts


Cloud Computing is in essence an economic model

•  It is a different way to acquire and manage IT resources

There are multiple cloud providers — the cloud is real

•  Currently  most  cloud  consumers  are  small  enterprises 

•  Large  enterprises  are  exploring  private  clouds 

•  The  number  of  providers  will  most  probably  grow  as  people  start  seeing  greater 
savings  and  improvements  to  reduce  adoption  barriers 

Cloud  Computing  adoption  requires  cost/benefit/risk  analysis  to 
determine 

•  What  resources  to  move  to  the  cloud  (if  any) 

•  What  situations  warrant  use  of  cloud  resources,  even  for  one-time  situations 

•  Implementation  of  private  clouds  vs.  usage  of  public  clouds 

•  What  risks  are  associated  with  using  resources  on  the  cloud 

•  What risks are associated with providing resources in the cloud
Final Thoughts 2


Decisions  from  a  cloud  consumer  perspective  depend  on 

•  Required  control  level 

•  Required  security  level 

•  Compatibility  with  local  infrastructure 

Decisions  from  a  cloud  provider  perspective  depend  on 

•  Market/user  characteristics 

•  Established  SLAs 

•  Available  technology 

In  general,  these  are  not  fully  technical  decisions 

•  Processes  —  especially  engineering  practices 

•  Governance 

•  Cost/Benefit  analysis 

Cloud Provider and Tool References


•  3tera: http://www.3tera.com/

•  Akamai Edge Platform: http://www.akamai.com/html/technology/edgeplatform.html

•  Amazon Elastic Compute Cloud (EC2): http://aws.amazon.com/ec2/

•  Amazon Simple Storage Solution (S3): http://aws.amazon.com/s3/

•  Eucalyptus Systems: http://www.eucalyptus.com/

•  Force.com: http://www.salesforce.com/platform/

•  Google App Engine: http://code.google.com/appengine/

•  Google Apps: http://www.google.com/apps/intl/en/business/index.html

•  IBM Computing On Demand: http://www-03.ibm.com/systems/deepcomputing/cod/

•  Microsoft Azure Services Platform: http://www.microsoft.com/azure/

•  Microsoft Live Mesh: http://www.mesh.com/

•  Salesforce.com: http://www.salesforce.com/crm/products.jsp

•  Ubuntu: http://www.ubuntu.com/cloud

•  Yahoo! Open Strategy (Y!OS): http://developer.yahoo.com/yos/intro/

•  Zoho: http://www.zoho.com/
Contact Information


Grace  A.  Lewis 

Research,  Technology  and  Systems  Solutions  (RTSS)  Program 
Advanced  Mobile  Systems  (AMS)  Initiative 


Software  Engineering  Institute 
4500  Fifth  Avenue 
Pittsburgh,  PA  15213-2612 
USA 

Phone:  +1  412-268-5851 
Email:  glewis@sei.cmu.edu 
WWW:  http://www.sei.cmu.edu/about/people/glewis.cfm 